YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash acbc3dd8d94c8950b674634b3a7f1979f561b392478caac4ada628af4e6ae8fc.

Scan Results

SHA256 hash: acbc3dd8d94c8950b674634b3a7f1979f561b392478caac4ada628af4e6ae8fc
File size:1'001'912 bytes
File download: Original
MIME type:application/x-dosexec
MD5 hash: fc7bacace860bd775b1bb81a5970d4d9
SHA1 hash: a407eeea59017f08deb8084231a88e0a69fd8838
SHA3-384 hash: 4f1baf40c93fa90e51a99b120eedd3201acfe09993f5397f19e7046c25fced85b821f357dc4043ae3b57583709a76fbe
First seen:2025-07-01 13:03:37 UTC
Last seen:Never
Sightings:1
imphash : b34f154ec913d2d2c435cbd644e91687
Create hunting rule
ssdeep : 24576:E8nKa/Vgarkd6n5vlOrLJrYS8Z5CsTmPqWJdBF4ecu4:Ia8GCLJP8vgv35ch
TLSH :n/a
telfhash :n/a
gimphash :n/a
dhash icon : 009269ecd4d42900
Create hunting rule

Tasks

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

Task Information

Task ID:cd72293e-567b-11f0-9b97-42010aa4000b
File name:fc7bacace860bd775b1bb81a5970d4d9
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results

The file matched the following open source and commercial ClamAV rules.

YARA Results

Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:Detect_NSIS_Nullsoft_Installer
Create hunting rule
Author:Obscurity Labs LLC
Description:Detects NSIS installers by .ndata section + NSIS header string
TLP:TLP:WHITE
Rule name:PE_Digital_Certificate
Create hunting rule
Author:albertzsigovits
TLP:TLP:WHITE
Repository:
Rule name:Sus_Obf_Enc_Spoof_Hide_PE
Create hunting rule
Author:XiAnzheng
Description:Check for Overlay, Obfuscating, Encrypting, Spoofing, Hiding, or Entropy Technique(can create FP)
TLP:TLP:WHITE
Repository:YARAify

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files

The following files could be unpacked from this sample.